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DETAILED ACTION 

1. Claims 1-63, are presented for examination. 

Response to Arguments 

2. Applicant's arguments filed 10/14/2004 have been fully considered but they are not 
persuasive. Therefore, rejection of claims 1-63 is maintained. 

Applicant argues, (1) "Barker et al. U.S. patent number 6,3,63,421 (Herein after Barker) 
does not anticipate a gateway that is configurable to provide object-level access control between 
the managers and the managed objects, wherein said object-level access control is provided at 
the individual object level so that one of the managers is granted access to one of the managed 
objects while being prevented from interfacing with a different one of the managed objects". 
The examiner respectfully disagrees in response to applicant's arguments. Barker very clearly 
teaches a gateway (e.g., an element management server, figure 1 A), that is configurable to 
provide object-level access control (e.g., use of managed object identifier for network elements, 
figure 6) between the managers (e.g., software modules accessing network elements, figures 3 
and 4) and the managed objects (e.g., network elements, figure 1C, abstract), wherein said 
object-level access control is provided at the individual object level so that one of the managers 
(e.g., software modules accessing network elements, figures 3 and 4) is granted access to one of 
the managed objects (e.g., network elements, figure 1C, abstract) while being prevented from 
interfacing with a different one of the managed objects (e.g., use of managed object identifier for 
network elements, figure 6). Therefore the rejection in maintained as disclosed below. Also, 
Page 46 of the specification, i.e., enclosed disclosure, clearly states "variations, modifications, 
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additions and improvements may fall within the scope of the invention as detailed within the 
claims". Since, applicant's claims contain broadly claimed subject matter, it clearly reads upon 
the examiner's interpretation of these actions. Therefore, Barker meets the claimed limitations. 

Applicant argues, (2) "Barker does not teach object-level access control". The examiner 
respectfully disagrees in response to applicant's arguments. Barker very clearly teaches an 
object-level access control (e.g., use of managed object identifier for network elements, figure 6). 
Therefore the rejection in maintained as disclosed below. Also, Page 46 of the specification, i.e., 
enclosed disclosure, clearly states "variations, modifications, additions and improvements may 
fall within the scope of the invention as detailed within the claims". Since, applicant's claims 
contain broadly claimed subject matter, it clearly reads upon the examiner's interpretation of 
these actions. Therefore, Barker meets the claimed limitations. 

Applicant argues, (3) "Barker does not teach a client presenting a user name, password or 
other authentication credentials when registering for object attribute update notification". The 
examiner respectfully disagrees in response to applicant's arguments. In response to applicant's 
argument that the references fail to show certain features of applicant's invention, it is noted that 
the features upon which applicant relies " a client presenting a user name, password or other 
authentication credentials when registering for object attribute update notification" are not 
recited in the rejected claim(s). Although the claims are interpreted in light of the specification, 
limitations from the specification are not read into the claims . See In re Van Geuns, 988 
F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). What is claimed is "an object-level access 
control". Barker very clearly teaches an object-level access control (e.g., use of managed object 
identifier for network elements, figure 6). Therefore the rejection in maintained as disclosed 
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above. Also, Page 46 of the specification, i.e., enclosed disclosure, clearly states "variations, 
modifications, additions and improvements may fall within the scope of the invention as detailed 
within the claims". Since, applicant's claims contain broadly claimed subject matter, it clearly 
reads upon the examiner's interpretation of these actions. Therefore, Barker meets the claimed 
limitations. 

Applicant argues, (4) "Barker does not teach object-level access control between the 
managers and the managed objects". The examiner respectfully disagrees in response to 
applicant's arguments. Barker very clearly teaches an object-level access control (e.g., use of 
managed object identifier for network elements, figure 6) between the managers (e.g., software 
modules accessing network elements, figures 3 and 4) and the managed objects (e.g., network 
elements, figure 1C, abstract). Therefore the rejection in maintained as disclosed below. Also, 
Page 46 of the specification, i.e., enclosed disclosure, clearly states "variations, modifications, 
additions and improvements may fall within the scope of the invention as detailed within the 
claims". Since, applicant's claims contain broadly claimed subject matter, it clearly reads upon 
the examiner's interpretation of these actions. Therefore, Barker meets the claimed limitations. 

Applicant argues, (5) "Barker fails to anticipate determining on a managed object level 
whether or not the manager application is allowed to send a request to the managed object. The 
examiner respectfully disagrees in response to applicant's arguments. Barker very clearly 
teaches determining on a managed object level whether or not the manager application is allowed 
to send a request to the managed object (e.g., use of managed object identifier for network 
elements in the requests, figure 6). Therefore the rejection in maintained as disclosed below. 
Also, Page 46 of the specification, i.e., enclosed disclosure, clearly states "variations, 



Application/Control Number: 09/556,068 Page 5 

Art Unit: 2154 

modifications, additions and improvements may fall within the scope of the invention as detailed 
within the claims". Since, applicant's claims contain broadly claimed subject matter, it clearly 
reads upon the examiner's interpretation of these actions. Therefore, Barker meets the claimed 
limitations. 

Applicant argues, (6) "Barker fails to teach wherein the gateway is configurable to 
determine whether each of the managers is authorized to communicate with each of the managed 
objects". The examiner respectfully disagrees in response to applicant's arguments. Barker very 
clearly teaches the gateway (e.g., an element management server, figure 1 A) is configurable to 
determine whether each of the managers (e.g., software modules accessing network elements, 
figures 3 and 4) is authorized to communicate (e.g., user session, figure 6) with each of the 
managed objects (e.g., network elements, figure 1C, abstract). Therefore the rejection in 
maintained as disclosed above. Also, Page 46 of the specification, i.e., enclosed disclosure, 
clearly states "variations, modifications, additions and improvements may fall within the scope 
of the invention as detailed within the claims". Since, applicant's claims contain broadly claimed 
subject matter, it clearly reads upon the examiner's interpretation of these actions. Therefore, 
Barker meets the claimed limitations. 

Applicant argues, (7) "Barker fails to teach a gateway that is configurable to authenticate 
the managers to receive the events from or to send the request to the managed objects as a 
function of the identity of the managed objects". The examiner respectfully disagrees in 
response to applicant's arguments. Barker very clearly teaches a gateway (e.g., an element 
management server, figure 1 A) that is configurable to authenticate (e.g., figure 6) the managers 
(e.g., software modules accessing network elements, figures 3 and 4) to receive the events from 
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or to send the request to the managed objects as a function of the identity of the managed objects 
(e.g., notification, figure 6). Therefore the rejection in maintained as disclosed above. Also, 
Page 46 of the specification, i.e., enclosed disclosure, clearly states "variations, modifications, 
additions and improvements may fall within the scope of the invention as detailed within the 
claims". Since, applicant's claims contain broadly claimed subject matter, it clearly reads upon 
the examiner's interpretation of these actions. Therefore, Barker meets the claimed limitations. 

Applicant argues, (8) "Barker does not teach wherein the managed objects comprise one 
or more objects corresponding to a telephone network. The examiner respectfully disagrees in 
response to applicant's arguments. Barker very clearly teaches the managed objects comprise 
one or more objects corresponding to a telephone network (e.g., figure 1 A, network element of 
public switched telephone network, also corresponding is a broad term meaning - be in contact, 
in touch, communicate). Therefore the rejection in maintained as disclosed above. Also, Page 
46 of the specification, i.e., enclosed disclosure, clearly states "variations, modifications, 
additions and improvements may fall within the scope of the invention as detailed within the 
claims". Since, applicant's claims contain broadly claimed subject matter, it clearly reads upon 
the examiner's interpretation of these actions. Therefore, Barker meets the claimed limitations. 

Applicant argues, (9) "Barker does not teach a gateway that is configurable to provide 
security audit trails comprising the gateway providing access to a logging service". The 
examiner respectfully disagrees in response to applicant's arguments. Barker very clearly 
teaches a gateway that is configurable to provide security audit trails comprising the gateway 
providing access to a logging service (e.g., use of storage devices to store filtered / audited and 
events information, col., 11, lines 18 - 60, col., 17, line 33 - col., 18, line 9, col., 41, line 63 - 
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col., 42, line 53). Therefore the rejection in maintained as disclosed above. Also, Page 46 of the 
specification, i.e., enclosed disclosure, clearly states "variations, modifications, additions and 
improvements may fall within the scope of the invention as detailed within the claims". Since, 
applicant's claims contain broadly claimed subject matter, it clearly reads upon the examiner's 
interpretation of these actions. Therefore, Barker meets the claimed limitations. 

Applicant argues, (10) "Barker does not teach the logging service, local data services at 
the server, is operable to log an ED of a user that sends each request". The examiner respectfully 
disagrees in response to applicant's arguments. In response to applicant's argument that the 
references fail to show certain features of applicant's invention, it is noted that the features upon 
which applicant relies "the logging service, local data services at the server, is operable to log an 
ID of a user that sends each request" are not recited in the rejected claim(s). Although the claims 
are interpreted in light of the specification, limitations from the specification are not read into the 
claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). What is 
claimed is "the logging service is operable to log an ID of a user that sends each request". Barker 
very clearly teaches the logging service is operable to log an ID of a user that sends each request 
(e.g., ID of an agent application associated with a particular user request, col., 11, lines 18 - 60, 
col., 17, line 33 - col., 18, line 9, col., 41, line 63 - col., 42, line 53). Therefore the rejection in 
maintained as disclosed above. Also, Page 46 of the specification, i.e., enclosed disclosure, 
clearly states "variations, modifications, additions and improvements may fall within the scope 
of the invention as detailed within the claims". Since, applicant's claims contain broadly claimed 
subject matter, it clearly reads upon the examiner's interpretation of these actions. Therefore, 
Barker meets the claimed limitations. 
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Applicant argues, (11) "Barker does not teach that the requests are converted from the 
interface definition language to a platform-specific format / Portable Management Interface 
(PMD format prior to delivery to the managed objects". The examiner respectfully disagrees in 
response to applicant's arguments. Barker very clearly teaches teach that the requests are 
converted from the interface definition language to a platform-specific format / Portable 
Management Interface (PMD format prior to delivery to the managed objects (e.g., conversion 
from the IDL to a network element specific protocol, the specific protocol used for 
communication with the network element is specified by the service object, other managed 
object classes could be added that utilize a different protocol and encapsulate that knowledge in 
the managed object class, hence any protocol, like PMI can be supported, col., 21, line 46 - col., 
22, line 59). Also, Page 46 of the specification, i.e., enclosed disclosure, clearly states 
"variations, modifications, additions and improvements may fall within the scope of the 
invention as detailed within the claims". Since, applicant's claims contain broadly claimed 
subject matter, it clearly reads upon the examiner's interpretation of these actions. Therefore, 
Barker meets the claimed limitations. 

Applicant states, (12) "In a facsimile communication dated May 25, 2004, the Examiner 
suggests two possible limitations, either of which, if incorporated into Applicants' independent 
claims, would overcome the prior art and render them in a condition for allowance". In 
clarification to this, examiner proposed amending the claims on May 25, 2004. No agreement 
was reached between Mr. Robert C Kowert and the examiner. 



Specification 
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3. The title of the invention is not descriptive. A new title is required that is clearly 
indicative of the invention to which the claims are directed. 

The present title is not sufficient for proper classification of the claimed subject matter. 

Claim Rejections - 35 USC § 112 
The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

4. Claims 58 - 63 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

5. Claims 58 - 60 recite the limitation "the manager access". There is insufficient 
antecedent basis for this limitation in the claim. 

6. Claims 61-63 recite the limitations "the insertion of the user name", "the request message 
to enforce object-level access control". There is insufficient antecedent basis for this limitation 
in the claim. 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
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subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

8. Non-amended claims 1-57, are rejected under 35 U.S.C. 102(e) as being anticipated by 
Barker et al. U.S. patent number 6,363,421, as per paper number, 06/15/2004. 

9. New claims 58-63, are rejected under 35 U.S.C. 102(e) as being anticipated by Vuong et 
al. U.S. patent number 6,430,578 (Hereinafter Vuong). 

10. As per claims 58-60, Vuong teaches a network management system / method / a 
computer readable medium (e.g., col., 5, lines 57 - col., 6, line 23), comprising: a gateway which 
is coupled to a plurality of managed objects and which is configured to deliver events generated 
by the managed objects to one or more managers or to deliver requests generated by the 
managers to one or more of the managed objects (e.g., col., 5, lines 57 - col., 6, line 23), and 

a platform-independent interface to the gateway (e.g., col., 2, lines 1 - 26), wherein the 
gateway is configurable to communicate with the managers through the platform- independent 
interface to deliver the events or requests (e.g., col., 4, lines 40 - 67); 

the gateway is configurable to provide object-level access control between the managers 
and the managed objects to receive the events from or to send the requests to the managed 
objects (e.g., col., 2, line 26 - 52, col.,6, lines 42 - 59), wherein said object-level access control is 
provided at the individual object level so that one of the managers is granted access to one of the 
managed objects while being prevented from interfacing with a different one of the managed 
objects (e.g., col., 2, line 26 - 52, col.,6, lines 42 - 59), and wherein the managers use a request 
Service Access Point (SAP) for requests and responses (e.g., col., 2, lines 16 - 26), 
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sending an identity of a user of a manager application to a gateway (e.g., col., 5, lines 4 - 
27), determining on a managed object level whether or not the manager application is allowed to 
receive an event generated by one of a plurality of managed objects or to send a request to the 
one of the plurality of managed objects as a function of the identity of the user of the manager 
application (e.g., col., 7, lines 9 - 32), whereby access for the manager application to receive the 
event or send the request is approved or denied for said one of the plurality of managed objects at 
the individual object level so that the manager application is granted access to one of the 
plurality of managed objects while being prevented from interfacing with a different one of the 
plurality of managed objects (e.g., col., 8, lines 21 - 42); and delivering the event to the manager 
application or the request to the managed object if the manager access is approved (e.g., col., 7, 
lines 2 -26). 

11. As per claims 61-63, Vuong teaches a network management system / method / a 
computer readable medium (e.g., col., 5, lines 57 - col., 6, line 23), comprising: a gateway which 
is coupled to a plurality of managed objects and which is configured to deliver events generated 
by the managed objects to one or more managers or to deliver requests generated by the 
managers to one or more of the managed objects (e.g., col., 5, lines 57 - col., 6, line 23), and 

a platform-independent interface to the gateway (e.g., col., 2, lines 1 - 26), wherein the 
gateway is configurable to communicate with the managers through the platform- independent 
interface to deliver the events or requests (e.g., col., 4, lines 40 - 67); 

the gateway is configurable to provide object-level access control between the managers 
and the managed objects to receive the events from or to send the requests to the managed 
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objects (e.g., col., 2, line 26 - 52, col.,6, lines 42 - 59), wherein said object-level access control is 
provided at the individual object level so that one of the managers is granted access to one of the 
managed objects while being prevented from interfacing with a different one of the managed 
objects (e.g., col., 2, line 26 - 52, col.,6, lines 42 - 59), wherein the gateway uses a singleton 
SAP object that shares all Proxy Agents through which a manager deals with a managed object 
(e.g., col., 2, lines 16 - 26), and allows the insertion of the user name in the request message to 
enforce object-level access control (e.g., col., 2, lines 16 - 26), 

sending an identity of a user of a manager application to a gateway (e.g., col., 5, lines 4 - 
27), determining on a managed object level whether or not the manager application is allowed to 
receive an event generated by one of a plurality of managed objects or to send a request to the 
one of the plurality of managed objects as a function of the identity of the user of the manager 
application (e.g., col., 7, lines 9 - 32), whereby access for the manager application to receive the 
event or send the request is approved or denied for said one of the plurality of managed objects at 
the individual object level so that the manager application is granted access to one of the 
plurality of managed objects while being prevented from interfacing with a different one of the 
plurality of managed objects (e.g., col., 8, lines 21 - 42); and delivering the event to the manager 
application or the request to the managed object if the manager access is approved (e.g., col., 7, 
lines 2 - 26). 

12. New claims 58-63, are rejected under 35 U.S.C. 102(e) as being anticipated by Spencer 
U.S. patent number 6,253,243 (Hereinafter Spencer). 
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13. As per claims 58-60, Spencer teaches a network management system / method / a 
computer readable medium (e.g., col., 4, lines 23 - 63), comprising: a gateway which is coupled 
to a plurality of managed objects and which is configured to deliver events generated by the 
managed objects to one or more managers or to deliver requests generated by the managers to 
one or more of the managed objects (e.g., col., 4, line 53 - col., 5, line 20), and 

a platform-independent interface to the gateway (e.g., col., 5, lines 46 - 65), wherein the 
gateway is configurable to communicate with the managers through the platform- independent 
interface to deliver the events or requests (e.g., col., 6, lines 13 - 29); 

the gateway is configurable to provide object-level access control between the managers 
and the managed objects to receive the events from or to send the requests to the managed 
objects (e.g., col., 5, lines 46 - 65), wherein said object-level access control is provided at the 
individual object level so that one of the managers is granted access to one of the managed 
objects while being prevented from interfacing with a different one of the managed objects (e.g., 
col., 7, lines 35 - 57), and wherein the managers use a request Service Access Point (SAP) for 
requests and responses (e.g., col., 6, lines 2 - 28), 

sending an identity of a user of a manager application to a gateway (e.g., col., 7, lines 35 - 
67), determining on a managed object level whether or not the manager application is allowed to 
receive an event generated by one of a plurality of managed objects or to send a request to the 
one of the plurality of managed objects as a function of the identity of the user of the manager 
application (e.g., col., 5, line 53 - col., 6, line 13), whereby access for the manager application to 
receive the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted access 



Application/Control Number: 09/556,068 Page 14 

Art Unit: 2154 

to one of the plurality of managed objects while being prevented from interfacing with a 
different one of the plurality of managed objects (e.g., col., 7, lines 35 - 67); and delivering the 
event to the manager application or the request to the managed object if the manager access is 
approved (e.g., col., 6, lines 23 - 49). 

14. As per claims 61-63, Spencer teaches a network management system / method / a 
computer readable medium (e.g., col., 4, lines 23 - 63), comprising: a gateway which is coupled 
to a plurality of managed objects and which is configured to deliver events generated by the 
managed objects to one or more managers or to deliver requests generated by the managers to 
one or more of the managed objects (e.g., col., 4, line 53 - col., 5, line 20), and 

a platform-independent interface to the gateway (e.g., col., 5, lines 46 - 65), wherein the 
gateway is configurable to communicate with the managers through the platform- independent 
interface to deliver the events or requests (e.g., col., 6, lines 13 - 29); 

the gateway is configurable to provide object-level access control between the managers 
and the managed objects to receive the events from or to send the requests to the managed 
objects (e.g., col., 5, lines 46 - 65), wherein said object-level access control is provided at the 
individual object level so that one of the managers is granted access to one of the managed 
objects while being prevented from interfacing with a different one of the managed objects (e.g., 
col., 7, lines 35 - 57), and wherein the managers use a request Service Access Point (SAP) for 
requests and responses (e.g., col., 6, lines 2 - 28), wherein the gateway uses a singleton SAP 
object that shares all Proxy Agents through which a manager deals with a managed object (e.g., 



Application/Control Number: 09/556,068 Page 15 

Art Unit: 2154 

col., 5, lines 2 - 34), and allows the insertion of the user name in the request message to enforce 
object-level access control (e.g., col., 5, lines 47 - 67), 

sending an identity of a user of a manager application to a gateway (e.g., col., 7, lines 35 - 
67), determining on a managed object level whether or not the manager application is allowed to 
receive an event generated by one of a plurality of managed objects or to send a request to the 
one of the plurality of managed objects as a function of the identity of the user of the manager 
application (e.g., col., 5, line 53 - col., 6, line 13), whereby access for the manager application to 
receive the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted access 
to one of the plurality of managed objects while being prevented from interfacing with a 
different one of the plurality of managed objects (e.g., col., 7, lines 35 - 67); and delivering the 
event to the manager application or the request to the managed object if the manager access is 
approved (e.g., col., 6, lines 23 - 49). 

15. New claims 58-63, are rejected under 35 U.S.C. 102(e) as being anticipated by Barker et 
al. U.S. patent number 6,363,421 (Hereinafter Barker). 

16. As per claims 58-60, Barker teaches a network management system / method / a 
computer readable medium (e.g., figure 1 A), comprising: a gateway which is coupled to a 
plurality of managed objects and which is configured to deliver events generated by the managed 
objects to one or more managers or to deliver requests generated by the managers to one or more 
of the managed objects (e.g., figures 2A, 3, col., 5, lines 33 - 39, col., 8, line 53 - col., 9, line 
19), and 
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a platform-independent interface to the gateway (e.g., col., 4, lines 33 - 42, col., 5, lines 
33 - 39 ), wherein the gateway is configurable to communicate with the managers through the 
platform- independent interface to deliver the events or requests (e.g., col, 5, lines 1 1 - 24); 

the gateway is configurable to provide object-level access control between the managers 
and the managed objects to receive the events from or to send the requests to the managed 
objects (e.g., use of managed object identifier for network elements, figure 6), wherein said 
object-level access control is provided at the individual object level so that one of the managers 
is granted access to one of the managed objects while being prevented from interfacing with a 
different one of the managed objects (e.g., use of naming service, col., 8, line 53 - col., 9, line 
33), and wherein the managers use a request Service Access Point (SAP) for requests and 
responses (e.g., use of naming service, col., 8, line 53 - col, 9, line 33), 

sending an identity of a user of a manager application to a gateway (e.g., figure 6, col., 8, 
line 53 - col., 9, line 33), determining on a managed object level whether or not the manager 
application is allowed to receive an event generated by one of a plurality of managed objects or 
to send a request to the one of the plurality of managed objects as a function of the identity of the 
user of the manager application (e.g., col., 14, line 35 - col., 15, line 31), whereby access for the 
manager application to receive the event or send the request is approved or denied for said one of 
the plurality of managed objects at the individual object level so that the manager application is 
granted access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects (e.g., use of naming service and event 
distribution, col., 17, lines 3 - 64); and delivering the event to the manager application or the 
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request to the managed object if the manager access is approved (e.g., use of naming service and 
filtering, col., 17, lines 3 - 64). 

17. As per claims 61-63, Barker teaches a network management system / method / a 
computer readable medium (e.g., figure 1 A), comprising: a gateway which is coupled to a 
plurality of managed objects and which is configured to deliver events generated by the managed 
objects to one or more managers or to deliver requests generated by the managers to one or more 
of the managed objects (e.g., figures 2 A, 3, col., 5, lines 33 - 39, col., 8, line 53 - col., 9, line 
19), and 

a platform-independent interface to the gateway (e.g., col., 4, lines 33 - 42, col., 5, lines 
33 - 39 ), wherein the gateway is configurable to communicate with the managers through the 
platform- independent interface to deliver the events or requests (e.g., col., 5, lines 1 1 - 24); 

the gateway is configurable to provide object-level access control between the managers 
and the managed objects to receive the events from or to send the requests to the managed 
objects (e.g., use of managed object identifier for network elements, figure 6), wherein said 
object-level access control is provided at the individual object level so that one of the managers 
is granted access to one of the managed objects while being prevented from interfacing with a 
different one of the managed objects (e.g., use of naming service, col., 8, line 53 - col., 9, line 
33), arid wherein the managers use a request Service Access Point (SAP) for requests and 
responses (e.g., use of naming service, col., 8, line 53 - col., 9, line 33), wherein the gateway 
uses a singleton SAP object (e.g., use of naming service, col., 8, line 53 - col., 9, line 33), that 
shares all Proxy Agents through which a manager deals with a managed object (e.g., col., 1 1, 
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lines 18-60) and allows the insertion of the user name in the request message to enforce object- 
level access control (e.g., figure 6, col., 17, lines 25 - 63), 

sending an identity of a user of a manager application to a gateway (e.g., figure 6, col., 8, 
line 53 - col., 9, line 33), determining on a managed object level whether or not the manager 
application is allowed to receive an event generated by one of a plurality of managed objects or 
to send a request to the one of the plurality of managed objects as a function of the identity of the 
user of the manager application (e.g., col, 14, line 35 - col., 15, line 31), whereby access for the 
manager application to receive the event or send the request is approved or denied for said one of 
the plurality of managed objects at the individual object level so that the manager application is 
granted access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects (e.g., use of naming service and event 
distribution, col, 17, lines 3 - 64); and delivering the event to the manager application or the 
request to the managed object if the manager access is approved (e.g., use of naming service and 
filtering, col., 17, lines 3 - 64). 

Conclusion 

18. The prior art made of record (forms PTO-892 and applicant provided IDS cited arts) and 
not relied upon is considered pertinent to applicant's disclosure. 

Apte, US 2004/01 1 1730 Al, June 10, 2004, also discloses use of CORBA Server and the 
object level access control. 
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Roytman et al, US 2002/001201 1, Jan. 31, 2002, also discloses use of PMI, naming 
service and a distributed network management system for object level access control among 
proxy agents and network devices. 

Spencer 6,253,243, and Vuong et al 6,430,578, teaches naming service using well-known 
use of PMI. 

Feuerman, 6,529,947, "Managing transiently connected network clients", discloses use of 
name service to provide object level access control over the network among objects. 

Applicant submitted, IDS, paper number 9, N. Lynch et. al., "Web Enabled TMN 
Manager", clearly discloses use of CORB A with the existing TMN devices for object level 
access control. 

Taylor et al, 6,256,676, "Agent-adapter architecture for use in enterprise application 
integration systems", discloses use of object level access control for variety of objects. 

Bowman- Amuah, 6,640,249, "Presentation services patterns in a netcentric 
environment", discloses use of CORB A server, naming service, security audit trails, etc. 

Houlding, 6,75,771, "System and method for delivering web services using common 
object request broker architecture", discloses use of CORBA naming service for object level 
access control among objects. 

In order to speed up the procecution of this case, examiner has made an additional serious 
effort for amending the independent claims. Applicant is suggested to make the following 
amendments to the claims to define the scope of their invention. 

Cancellation of claims 58 - 63 and Amendment of claims 1, 20, 39 as follows: 

Claim 1: A network management system, comprising: 
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a gateway coupled between a plurality of managed objects and a plurality of proxy agent 
managers ; and the gateway is configured to deliver events generated by the managed objects to 
the managers and to deliver requests generated by the managers to the managed objects; wherein, 
each of the events and each of the requests contain a user identification; wherein, the user 
identification identifies the respective manager for which the event or the request belongs to ; 

a platform-independent interface to the gateway, wherein the gateway is configurable to 
provide communication between the managers and the managed objects through the platform- 
independent interface to deliver the events and the requests; wherein, the managers share a 
singleton Request Service Access Point (RequestSAP) object ; 

wherein, the gateway is configurable to provide object-level access control between the 
managers and the managed objects to receive the events from and to send the requests to the 
managed objects, wherein said object-level access control is provided by the Request SAP object - 
at an individual object level to grant one of the managers to access one of the managed objects 
while the Request SAP object preventing the one of the managers being accessed by the other 
managed objects. 

Claims 20: and 39: Amendment of these claims with the similar limitations of the above- 
amended claim 1. 



THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Haresh Patel whose telephone number is (571) 272-3973. The 
examiner can normally be reached on Monday, Tuesday, Thursday and Friday from 10:00 am to 
8:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John Follansbee can be reached on (571) 272-3964. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Haresh Patel 
January 26, 2005 




